package com.oasystem.web.filter;

import java.io.IOException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;

public class SecurityFilter implements Filter {

	public void destroy() {

	}

	public void doFilter(ServletRequest req, ServletResponse res,
			FilterChain chain) throws IOException, ServletException {
		// HttpServletRequest request =(HttpServletRequest) req;
		// Operator operator =(Operator)
		// request.getSession().getAttribute("OPERATOR");
		// res.setCharacterEncoding("UTF-8");
		// String message = null;
		// if(operator==null){
		// message="请先登录";
		// }else{
		// //uri like /oasystem/MainMenu/configuration/operatorPage.htm
		// String uri = request.getRequestURI();
		// if(uri.contains("MainMenu/configuration") &&
		// !operator.isAllowConfigSystem()){
		// message="你没有权限访问 配置系统";
		// }
		// if(uri.contains("MainMenu/profit") &&
		// !operator.isAllowProfitSystem()){
		// message="你没有权限访问返利系统";
		// }
		// if(uri.contains("MainMenu/members") &&
		// !operator.isAllowMemberSystem()){
		// message="你没有权限访问 会员管理系统";
		// }
		// }
		// if(message==null){
		chain.doFilter(req, res);
		// }else{
		// req.setAttribute("message",message );
		// req.getRequestDispatcher("/loginPage.htm").forward(req, res);
		// }
	}

	public void init(FilterConfig arg0) throws ServletException {

	}

}
